iMessage (imsg)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly reads and searches iMessage/SMS chats via Messages.app, which ingests untrusted, user-generated third-party message content that the agent would read and could let embedded instructions influence its actions.